Mail.ru: Account Takeover at worki.ru

2019-10-30T17:21:18
ID H1:725707
Type hackerone
Reporter r0hack
Modified 2019-12-17T15:36:55

Description

One time code reuse between registration and authentication in combination with insufficient bruterofce protection allowed account access via verification code bruteforce for worki.ru.